Need Help with Security Breach at Home
I couldn’t think of a better place to post this than anywhere else, so I will be forever grateful if anyone can help me figured out what’s going on and what I can do additionally to safeguard my email account and my network.
I received a text from a friend yesterday asking me if I sent them an email with an attachment (there was no attachment to the email, just a link), and I told her no and to just delete it since I was not in a position to check until later that evening. I also got a few more text from other friends asking the same question and I managed to find out which email account these emails came from.
I logged into this email address XXXXX@sbcglobal.net when I got home and I did see emails being sent to everyone in my address book. The subject line contained Steve Hey!, Steve, or Steve hello! All I see in the body of the email is check this out when you get a chance <link removed>, I check this website and it appeared to be some kind of telemarketing type of website.
I found it strange that the email did actually send from my email account, so when I looked further, I found that my DSL router’s public IP address was changed to XXX.XXX.XXX.0 with a 255.255.255.255 mask. I know the public IP that was on the DSL router is incorrect so I rebooted the router, and after the router reboot, the public IP address seem to return to what it should be.
I’m curious to see what everybody think and have anybody experienced or heard of anything similar to this. The only reason I’m a bit concern was because I had a disgruntle employee, he’s the type that will try to hack into someone’s account to screw around, so I’m not sure if he was doing that or was it someone else. Any insight into this will be greatly appreciated.
I received a text from a friend yesterday asking me if I sent them an email with an attachment (there was no attachment to the email, just a link), and I told her no and to just delete it since I was not in a position to check until later that evening. I also got a few more text from other friends asking the same question and I managed to find out which email account these emails came from.
I logged into this email address XXXXX@sbcglobal.net when I got home and I did see emails being sent to everyone in my address book. The subject line contained Steve Hey!, Steve, or Steve hello! All I see in the body of the email is check this out when you get a chance <link removed>, I check this website and it appeared to be some kind of telemarketing type of website.
I found it strange that the email did actually send from my email account, so when I looked further, I found that my DSL router’s public IP address was changed to XXX.XXX.XXX.0 with a 255.255.255.255 mask. I know the public IP that was on the DSL router is incorrect so I rebooted the router, and after the router reboot, the public IP address seem to return to what it should be.
I’m curious to see what everybody think and have anybody experienced or heard of anything similar to this. The only reason I’m a bit concern was because I had a disgruntle employee, he’s the type that will try to hack into someone’s account to screw around, so I’m not sure if he was doing that or was it someone else. Any insight into this will be greatly appreciated.
Comments
-
lsud00d Member Posts: 1,571Sounds 100% like you got a virus that changed your DNS and spammed your address book contacts...I don't think you can point the finger at the disgruntled employee.
And BTW you should remove that link so people here don't click on it and get the malware that you're spreading. Actually with only 2 posts you might be a scammer yourself... -
Tightwad Member Posts: 5 ■□□□□□□□□□Gee, thanks, lsud00d, just because I didn't actively post does not make me a scammer. I'm here looking for advice and guidance from more experience users, people that are exposed to stuff like this everyday. If you can't and don't want to help, then please keep comments to yourself. Thank you!
-
networker050184 Mod Posts: 11,962 ModSpam links in your second post does set off alarms. Don't take it personally.
Change your passwords and scan your computer.An expert is a man who has made all the mistakes which can be made. -
lsud00d Member Posts: 1,571Gee, thanks, lsud00d, just because I didn't actively post does not make me a scammer. I'm here looking for advice and guidance from more experience users, people that are exposed to stuff like this everyday. If you can't and don't want to help, then please keep comments to yourself. Thank you!
Youuuuuuuu're Welcome! -
Tightwad Member Posts: 5 ■□□□□□□□□□I understand. I only post the link to see if anyone have seen something similar, not to try and spread spam. It just drives me insane as I do work hard on not getting virus and such into my computer. By the way, I just bought this Macbook Pro a couple of weeks ago, not saying virus does not get on an Apple computer, just trying to figured out where it came from and if I should check the rest of the computers at home.
-
networker050184 Mod Posts: 11,962 ModYour email probably just got hacked. Not sure about the modem thing but I would doubt it's related.An expert is a man who has made all the mistakes which can be made.
-
veritas_libertas Member Posts: 5,746 ■■■■■■■■■■Also consider using strong passwords. I use a password manager so I don't have to worry about remembering 20+ size character passwords with random letters/numbers/symbols. I also use a RSA style key for my e-mail for extra protection.
-
tpatt100 Member Posts: 2,991 ■■■■■■■■■□I know it is a pain and I was guilty of it but try and not use the same password for everything. With email addresses becoming our primary form of online ID, it can open a chain reaction of bad stuff once somebody figures out your password.
-
Tightwad Member Posts: 5 ■□□□□□□□□□Thanks everyone for your input and suggestions. I've always use complex password, just never went as far as 20 characters in length. Someone also mentioned to me earlier today that yahoo was hacked this summer and got a bunch of email addresses, I don't remember hearing anything about this or I would have change my password.
-
paul78 Member Posts: 3,016 ■■■■■■■■■■Sounds like your email got hacked. That's happened to a few friends of mine.
I realize it could be a hassle but if the hacked email account is tied to any other online account, I suggest you make sure that you verify the credentials on those other online accounts. A hacked email account becomes a pretty good pivot point to other online accounts if those online account use email to password reset login credentials. -
DPG Member Posts: 780 ■■■■■□□□□□There are still residential ISP's that allow SMTP outbound by default?!
-
CodeBlox Member Posts: 1,363 ■■■■□□□□□□It's happened to me before. Found out after a while that my email account was sending erection pill stuff to all my contacts. Someone finally mentioned it to me months after it happened (my sister)... I changed my password and it no longer happens. You can also check your workstation for malware.Currently reading: Network Warrior, Unix Network Programming by Richard Stevens